Lucene search
K

35 matches found

NVD
NVD
added 2018/08/30 10:29 p.m.17 views

CVE-2018-16233

MiniCMS V1.10 has XSS via the mc-admin/post-edit.php tags parameter...

6.1CVSS5.3AI score0.00865EPSS
Exploits1References1
OSV
OSV
added 2018/08/30 10:29 p.m.17 views

CVE-2018-16233

MiniCMS V1.10 has XSS via the mc-admin/post-edit.php tags parameter...

6.1CVSS5.7AI score
Exploits0References1
Cvelist
Cvelist
added 2018/08/30 10:0 p.m.27 views

CVE-2018-16233

MiniCMS V1.10 has XSS via the mc-admin/post-edit.php tags parameter...

5.3AI score0.00865EPSS
Exploits1References1
CVE
CVE
added 2018/08/30 10:0 p.m.67 views

CVE-2018-16233

Technical details for CVE-2018-16233 are not publicly available in the provided documents. Monitor for updates from vendors and security advisories.

6.1CVSS5.2AI score0.00865EPSS
Exploits1References1Affected Software1
OSV
OSV
added 2018/04/19 8:29 a.m.20 views

CVE-2018-10221

An issue was discovered in WUZHI CMS V4.1.0. There is a persistent XSS vulnerability that can steal the administrator cookies via the tagtag parameter to the index.php?m=tags&f=index&v=add&&su=wuzhicms URI. After a website editor whose privilege is lower than the administrator logs in, he can add...

5.4CVSS5.5AI score
Exploits0References1
CNVD
CNVD
added 2018/02/26 12:0 a.m.2 views

Piwigo SQL Injection Vulnerability (CNVD-2018-06303)

Piwigo is a free and open source web photo album software. A SQL injection vulnerability exists in admin/tags.php in the admin panel in Piwigo before 2.9.3. An attacker can exploit this vulnerability by using the tags array parameter in the admin.php?page=tags request to perform a SQL injection...

4.9CVSS8.1AI score0.01237EPSS
Exploits0References1
OSV
OSV
added 2018/02/16 4:29 a.m.3 views

CVE-2018-6189

F-Secure Radar on-premises before 2018-02-15 has XSS via vectors involving the Tags parameter in the JSON request body in an outbound request for the /api/latest/vulnerabilityscans/tags/batch resource, aka a "suggested metadata tags for assets" issue...

6.1CVSS5.8AI score0.00949EPSS
Exploits1References2
NVD
NVD
added 2018/02/16 4:29 a.m.21 views

CVE-2018-6189

F-Secure Radar on-premises before 2018-02-15 has XSS via vectors involving the Tags parameter in the JSON request body in an outbound request for the /api/latest/vulnerabilityscans/tags/batch resource, aka a "suggested metadata tags for assets" issue...

6.1CVSS6AI score0.00949EPSS
Exploits1References2
Cvelist
Cvelist
added 2018/02/16 4:0 a.m.28 views

CVE-2018-6189

F-Secure Radar on-premises before 2018-02-15 has XSS via vectors involving the Tags parameter in the JSON request body in an outbound request for the /api/latest/vulnerabilityscans/tags/batch resource, aka a "suggested metadata tags for assets" issue...

6AI score0.00949EPSS
Exploits1References2
ATTACKERKB
ATTACKERKB
added 2017/12/27 5:8 p.m.2 views

CVE-2017-17871

The "JEXTN Question And Answer" extension 3.1.0 for Joomla! has SQL Injection via the an parameter in a view=tags action, or the ques-srch parameter...

9.8CVSS5.9AI score0.02652EPSS
Exploits1References2
CNVD
CNVD
added 2017/12/22 12:0 a.m.2 views

Piwigo Batch Manager Component Cross-Site Scripting Vulnerability

Piwigo is a web-based photo album software from Piwigo team. The software supports photo publishing, management, multiple browsing category, tag, time, etc. Batch Manager component is one of the manager components. A cross-site scripting vulnerability exists in the Batch Manager component in Piwi...

4.8CVSS6.1AI score0.0054EPSS
Exploits1References1
CNVD
CNVD
added 2017/11/29 12:0 a.m.4 views

Fastspot BigTree CMS SQL Injection Vulnerability (CNVD-2017-35446)

Fastspot BigTree CMS is the United States Fastspot company based on PHP and MySQL open source content management system CMS. A SQL injection vulnerability exists in the core/inc/auto-modules.php file in Fastspot BigTree CMS 4.2.19 and earlier versions. A remote attacker can exploit the...

6.5CVSS7.9AI score0.01393EPSS
Exploits1References1
NVD
NVD
added 2017/02/24 2:59 a.m.17 views

CVE-2014-9916

Multiple cross-site scripting XSS vulnerabilities in Bilboplanet 2.0 allow remote attackers to inject arbitrary web script or HTML via the 1 tribename or 2 tags parameter in a tribes page request to user/ or the 3 userid or 4 fullname parameter to signup.php...

6.1CVSS6.1AI score0.00868EPSS
Exploits1References1
Prion
Prion
added 2017/02/24 2:59 a.m.14 views

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in Bilboplanet 2.0 allow remote attackers to inject arbitrary web script or HTML via the 1 tribename or 2 tags parameter in a tribes page request to user/ or the 3 userid or 4 fullname parameter to signup.php...

4.3CVSS6.1AI score0.00868EPSS
Exploits1References1Affected Software1
Prion
Prion
added 2012/07/03 10:55 p.m.11 views

Sql injection

Multiple SQL injection vulnerabilities in application/core/MYModel.php in MyClientBase 0.12 allow remote attackers to execute arbitrary SQL commands via the 1 invoicenumber or 2 tags parameter to index.php/invoicesearch...

7.5CVSS9.3AI score0.02435EPSS
Exploits1References6Affected Software1
Rows per page
Query Builder